Modern Bag login-back.php File SQL Injection Vulnerability

Modern Bag is an online management system. Modern Bag suffers from a SQL injection vulnerability that stems from an error in the parameter user-name in file /admin/login-back.php that lacks validation of externally entered SQL statements. An attacker can exploit this vulnerability to execute...

CVE-2025-7512

A vulnerability was found in code-projects Modern Bag 1.0. It has been classified as critical. Affected is an unknown function of the file /contact-back.php. The manipulation of the argument contact-name leads to sql injection. It is possible to launch the attack remotely. The exploit has been...

CVE-2025-7512 code-projects Modern Bag contact-back.php sql injection

A vulnerability was found in code-projects Modern Bag 1.0. It has been classified as critical. Affected is an unknown function of the file /contact-back.php. The manipulation of the argument contact-name leads to sql injection. It is possible to launch the attack remotely. The exploit has been...

CVE-2025-7512

CVE-2025-7512 affects Modern Bag 1.0, with a SQL injection vulnerability in /contact-back.php triggered by the contact-name parameter. Multiple connected sources confirm remote exploitation and public disclosure. The root cause is improper handling/validation of externally supplied SQL in the con...

Code-Projects Modern Bag 注入漏洞

Modern Bag is an online management system. Modern Bag suffers from a SQL injection vulnerability that stems from an error in the parameter contact-name in file /contact-back.php that lacks validation of externally entered SQL statements. An attacker can use this vulnerability to execute illegal S...

CVE-2025-7471 code-projects Modern Bag login-back.php sql injection

A vulnerability was found in code-projects Modern Bag 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/login-back.php. The manipulation of the argument user-name leads to sql injection. The attack can be launched remotely. The...

CVE-2025-7471

Summary: CVE-2025-7471 affects code-projects Modern Bag 1.0. Affected component: /admin/login-back.php. Root cause: input manipulation of the parameter user-name enables SQL injection. Impact: remote exploitation with potential data theft; exploitation publicly disclosed. Evidence from connected ...

PT-2024-27930 · Alcasar · Alcasar

Name of the Vulnerable Software and Affected Versions: ALCASAR versions prior to 3.6.1 Description: The issue allows remote code execution in the email registration back.php file. Recommendations: For versions prior to 3.6.1, update to version 3.6.1 or later to resolve the issue...

Wordpress 2.6.6 /wysija_newsletters/trunk/helpers/back.php 任意文件创建漏洞

/wp-content/plugins/wysija-newsletters/helpers/back.phpfunction verifycapability if isset $REQUEST'page' && substr $REQUEST'page' ,0 ,7 == 'wysija' switch $REQUEST'page' case 'wysijacampaigns': $roleneeded = 'wysijanewsletters'; break; case 'wysijasubscribers': $roleneeded = 'wysijasubscribers';...